Hi all,

I have been experiencing problems reaching some ftp servers in active mode through the ftp proxy in the ipl module, although some ftp servers would work without problems (ex: ftp.freebsd.org). Here is how you can reproduce the current problem:

/etc/ipnat.rules
map sis2 192.168.0.0/16 -> 0/32 proxy port ftp ftp/tcp
map sis2 192.168.0.0/16 -> 0/32

ftp to a site where the welcome message/banner (220) is larger than 80 bytes (FTP_BUFSZ/2).

ftp> passive
Passive mode off
ftp> ls
500 Illegal PORT command.

The problem is that the ftp proxy entry gets deleted when ftp_server_valid() tries to get the 220 command due to the lack of \n in the buffer (stripped by len = MIN(mlen, FTP_BUFSZ / 2); in ip_ftp_pxy.c). I have attached the solution.

Regards,

--
Karim Fodil-Lemelin
Lead Programmer

Xiphos Technologies Inc.
www.xiplink.com

Index: ip_ftp_pxy.c
===================================================================
RCS file: 
/usr/xiphos/cvsroot/scps/OS_port/FreeBSD/dev/sys_49/contrib/ipfilter/netinet/ip_ftp_pxy.c,v
retrieving revision 1.1
diff -u -r1.1 ip_ftp_pxy.c
--- ip_ftp_pxy.c        30 Aug 2004 20:48:14 -0000      1.1
+++ ip_ftp_pxy.c        25 Nov 2004 20:03:34 -0000
@@ -818,11 +818,9 @@
        }
 
        for (; i; i--) {
-               c = *s++;
-               if (c == '\n') {
-                       ftps->ftps_cmds = cmd;
-                       return 0;
-               }
+               c = *s++;           
+               ftps->ftps_cmds = cmd;
+               return 0;
        }
 #if !defined(_KERNEL) && !defined(KERNEL)
        fprintf(stdout, "ippr_ftp_server_valid:junk after cmd[%s]\n", buf);
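
Review bot: In the body of "for (; i; i--)", removing the "if (c == '\n')" test makes the function return 0 on the first iteration for any nonzero i, so the loop never iterates, c is assigned but never read, and a reply is accepted without any check that its line is terminated in the buffer. The "junk after cmd" path below the loop is then reached only when i is already 0. If the aim is to tolerate a banner cut short by the length cap described in the message, keep the newline test for replies that fit the buffer and accept a missing '\n' only when the message was actually truncated; at minimum, replace the loop with a plain "if (i)" and drop the unused "c = *s++;". The added "c = *s++;" line also carries trailing whitespace.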
_______________________________________________
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-net
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
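
The failure described in the post, as an added example that is not part of the original message and is not ipfilter code: a simplified model of a reply check that inspects only the first FTP_BUFSZ / 2 bytes, beside a variant that reports a cut-off banner separately from junk. The function names, the verdict enum and both banners are constructed for illustration, and FTP_BUFSZ is assumed to be 160 from the 80-byte figure in the post.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

#define FTP_BUFSZ 160 /* assumed: the post gives FTP_BUFSZ / 2 as 80 bytes */
#define MIN(a, b) ((a) < (b) ? (a) : (b))

enum verdict { REPLY_OK, REPLY_JUNK, REPLY_TRUNCATED };

/* Constructed banners: one short, one longer than 80 bytes. */
static const char SHORT_BANNER[] = "220 ready\r\n";
static const char LONG_BANNER[] = "220 Welcome to the constructed example FTP "
    "service; this banner is deliberately longer than eighty bytes.\r\n";

/* Does the buffer start with a three-digit reply code and a separator? */
static int has_reply_code(const char *s, size_t len)
{
    return len >= 4 && isdigit((unsigned char)s[0]) &&
           isdigit((unsigned char)s[1]) && isdigit((unsigned char)s[2]) &&
           (s[3] == ' ' || s[3] == '-');
}

/* Strict model: the '\n' must appear inside the first FTP_BUFSZ / 2 bytes. */
static enum verdict check_strict(const char *msg, size_t mlen)
{
    size_t len = MIN(mlen, FTP_BUFSZ / 2);
    if (!has_reply_code(msg, len))
        return REPLY_JUNK;
    return memchr(msg + 4, '\n', len - 4) ? REPLY_OK : REPLY_JUNK;
}

/* Window-aware model: a missing '\n' is junk only if nothing was cut off. */
static enum verdict check_window_aware(const char *msg, size_t mlen)
{
    size_t len = MIN(mlen, FTP_BUFSZ / 2);
    if (!has_reply_code(msg, len))
        return REPLY_JUNK;
    if (memchr(msg + 4, '\n', len - 4))
        return REPLY_OK;
    return mlen > len ? REPLY_TRUNCATED : REPLY_JUNK;
}

int main(void)
{
    printf("strict: short=%d long=%d\n", check_strict(SHORT_BANNER, strlen(SHORT_BANNER)),
           check_strict(LONG_BANNER, strlen(LONG_BANNER)));
    printf("aware:  short=%d long=%d\n", check_window_aware(SHORT_BANNER, strlen(SHORT_BANNER)),
           check_window_aware(LONG_BANNER, strlen(LONG_BANNER)));
    return 0;
}
```

The strict model rejects the long banner as junk, which corresponds to the dropped proxy entry in the report; the window-aware model still rejects an unterminated reply that fits the window.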
